fkie_cve-2011-4139
Vulnerability from fkie_nvd
Published
2011-10-19 10:55
Modified
2025-04-11 00:51
Severity ?
Summary
Django before 1.2.7 and 1.3.x before 1.3.1 uses a request's HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request.
References
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/09/11/1Patch
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/09/13/2Patch
cve@mitre.orghttp://secunia.com/advisories/46614
cve@mitre.orghttp://www.debian.org/security/2011/dsa-2332
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=737366Patch
cve@mitre.orghttps://hermes.opensuse.org/messages/14700881
cve@mitre.orghttps://www.djangoproject.com/weblog/2011/sep/09/Patch, Vendor Advisory
cve@mitre.orghttps://www.djangoproject.com/weblog/2011/sep/10/127/Patch
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/09/11/1Patch
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/09/13/2Patch
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46614
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2332
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=737366Patch
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/14700881
af854a3a-2127-422b-91ae-364da2661108https://www.djangoproject.com/weblog/2011/sep/09/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.djangoproject.com/weblog/2011/sep/10/127/Patch
Impacted products
Vendor Product Version
djangoproject django *
djangoproject django 0.91
djangoproject django 0.95
djangoproject django 0.95.1
djangoproject django 0.96
djangoproject django 1.0
djangoproject django 1.0.1
djangoproject django 1.0.2
djangoproject django 1.1
djangoproject django 1.1.0
djangoproject django 1.1.2
djangoproject django 1.1.3
djangoproject django 1.2
djangoproject django 1.2.1
djangoproject django 1.2.1
djangoproject django 1.2.2
djangoproject django 1.2.3
djangoproject django 1.2.4
djangoproject django 1.2.5
djangoproject django 1.3
djangoproject django 1.3
djangoproject django 1.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96EC0AAD-1199-4CDB-B599-A7959A160CB6",
              "versionEndIncluding": "1.2.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "C40AD94B-AC89-4404-973F-5E60468D06EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "529CD787-1C98-4F20-8A3D-90BF2B0BD790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.95.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "65A952FB-3A74-4A39-8870-1F37059C9D12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E79CFED-F8BF-48E7-897D-D1FB508DC9E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9023348-07A7-46E8-B45A-CC19563C5961",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "883C9BEA-8B02-42F7-90BB-F31CBCBF8B1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "59302184-7805-4D50-B25C-73E59DAA1E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "56846659-96C8-497C-8404-3975E5B6385B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DAB4639-B81D-412A-A081-EFF46737CA5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF068CD9-B33A-4C51-9FBA-CFDAE91E174E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26D338D9-1504-4933-B833-BD7F1864E89D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD257D91-EF31-4103-9007-944603ABA271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "99387F31-9E04-4A73-A1C6-C05F96A8DB38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.1:2:*:*:*:*:*:*",
              "matchCriteriaId": "F75FE4BB-2C64-404F-9347-25289556BE56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "064C9403-8A43-42C7-A1FD-03CC49A32FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BCDB95B-88F2-466A-A4F9-4C080183E39B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "17B99C62-A653-45C1-A061-05A8FAD52107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFA5071B-808F-490E-B407-37CD24ACCA47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F5428AE-6B63-4D27-BCC4-F228264A6F0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.3:alpha1:*:*:*:*:*:*",
              "matchCriteriaId": "06F122AC-B9BF-4E27-A7C0-F3E7B5E8A907",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:djangoproject:django:1.3:alpha2:*:*:*:*:*:*",
              "matchCriteriaId": "AF1504F2-968F-4E1A-A143-BE494E658DF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Django before 1.2.7 and 1.3.x before 1.3.1 uses a request\u0027s HTTP Host header to construct a full URL in certain circumstances, which allows remote attackers to conduct cache poisoning attacks via a crafted request."
    },
    {
      "lang": "es",
      "value": "Django v1.2.7 y v1.3.x anterior a v1.3.1 usa la cabecera de una petici\u00f3n HTTP host para la construcci\u00f3n de una direcci\u00f3n URL completa, en determinadas circunstancias, lo que permite a atacantes remotos para realizar ataques de envenenamiento de cach\u00e9 a trav\u00e9s de una solicitud manipulada."
    }
  ],
  "id": "CVE-2011-4139",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-10-19T10:55:04.580",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/46614"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2011/dsa-2332"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://hermes.opensuse.org/messages/14700881"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/11/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://openwall.com/lists/oss-security/2011/09/13/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/46614"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=737366"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://hermes.opensuse.org/messages/14700881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/09/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://www.djangoproject.com/weblog/2011/sep/10/127/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.